Windows Vulnerability Could Allow Compromise, but Microsoft Says Not Very Likely

April 14, 2015 Updated: April 14, 2015

A new security flaw has been discovered in Windows that could potentially compromise the safety of millions of PCs. This is according to security firm Cylance, which has dubbed the newly discovered vulnerability “Redirect to SMB.”

Although the possibility of an actual scenario occurring is very low, what makes “Redirect to SMB” unique is that it doesn’t rely on the ignorance of the PC user. Although more traditional infections require interaction from the user via a click of a rogue link, Cylance is adamant the vulnerability can be executed by intercepting the communication to a remote server.

For example, this can be in the form of adware or a program that imitates updates of legitimate applications.

Microsoft did acknowledge the vulnerability, but did not deem it as large of a threat as Cylance. According to Microsoft, there would be multiple factors necessary to create the “perfect storm” in order for the weakness to be exploited. Microsoft has also continuously updated and added security measures in Windows to negate this type of exploit.

Republished with permission from Neowin. Read full article